---
# https://galaxy.ansible.com/ui/repo/published/dubzland/minio/content/module/minio_policy/ ?
- name: create needed dirs
  ansible.builtin.file:
    path: "{{ minio_config_dir }}"
    state: directory
    owner: root
    group: root
    mode: '0644'
# pro bucket hjeeil ro +  rw
- name: temaplet ro policy files
  ansible.builtin.template:
    dest: "{{ minio_config_dir }}/{{ item.bucket }}_ro"
    src: policy_ro.j2
    owner: root
    group: root
    mode: '0644'
  loop: "{{ minio_policies }}"

- name: temaplet rw policy files
  ansible.builtin.template:
    dest: "{{ minio_config_dir }}/{{ item.bucket }}_rw"
    src: policy_rw.j2
    owner: root
    group: root
    mode: '0644'
  loop: "{{ minio_policies }}"

- name: setup minio policies ro
  ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item.bucket }}_rw {{ minio_config_dir }}/{{ item.bucket }}_rw"
  loop: "{{ minio_policies }}"

- name: setup minio policies ro
  ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item.bucket }}_ro {{ minio_config_dir }}/{{ item.bucket }}_ro"
  loop: "{{ minio_policies }}"



- name: Assign MinIO policies to users
  ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy attach {{ item.1 }} --user {{ item.0.name }}"
  loop: "{{ minio_users | subelements('policies') }}"

# ensure absent files are removed
# deletata to localhost